sanitized errors

jackiettran
2025-11-26 15:49:42 -05:00
parent fab79e64ee
commit f2d3aac029
7 changed files with 113 additions and 116 deletions


@@ -5,7 +5,7 @@ const { authenticateToken, requireVerifiedEmail, requireAdmin, optionalAuth } =
const logger = require("../utils/logger");
const router = express.Router();
router.get("/", async (req, res) => {
router.get("/", async (req, res, next) => {
try {
const {
minPrice,
@@ -84,11 +84,11 @@ router.get("/", async (req, res) => {
stack: error.stack,
query: req.query
});
res.status(500).json({ error: error.message });
next(error);
}
});
router.get("/recommendations", authenticateToken, async (req, res) => {
router.get("/recommendations", authenticateToken, async (req, res, next) => {
try {
const userRentals = await Rental.findAll({
where: { renterId: req.user.id },
@@ -119,12 +119,12 @@ router.get("/recommendations", authenticateToken, async (req, res) => {
stack: error.stack,
userId: req.user.id
});
res.status(500).json({ error: error.message });
next(error);
}
});
// Public endpoint to get reviews for a specific item (must come before /:id route)
router.get('/:id/reviews', async (req, res) => {
router.get('/:id/reviews', async (req, res, next) => {
try {
const { Rental, User } = require('../models');
@@ -169,11 +169,11 @@ router.get('/:id/reviews', async (req, res) => {
stack: error.stack,
itemId: req.params.id
});
res.status(500).json({ error: error.message });
next(error);
}
});
router.get("/:id", optionalAuth, async (req, res) => {
router.get("/:id", optionalAuth, async (req, res, next) => {
try {
const item = await Item.findByPk(req.params.id, {
include: [
@@ -226,11 +226,11 @@ router.get("/:id", optionalAuth, async (req, res) => {
stack: error.stack,
itemId: req.params.id
});
res.status(500).json({ error: error.message });
next(error);
}
});
router.post("/", authenticateToken, requireVerifiedEmail, async (req, res) => {
router.post("/", authenticateToken, requireVerifiedEmail, async (req, res, next) => {
try {
const item = await Item.create({
...req.body,
@@ -284,11 +284,11 @@ router.post("/", authenticateToken, requireVerifiedEmail, async (req, res) => {
ownerId: req.user.id,
itemData: logger.sanitize(req.body)
});
res.status(500).json({ error: error.message });
next(error);
}
});
router.put("/:id", authenticateToken, async (req, res) => {
router.put("/:id", authenticateToken, async (req, res, next) => {
try {
const item = await Item.findByPk(req.params.id);
@@ -327,11 +327,11 @@ router.put("/:id", authenticateToken, async (req, res) => {
itemId: req.params.id,
ownerId: req.user.id
});
res.status(500).json({ error: error.message });
next(error);
}
});
router.delete("/:id", authenticateToken, async (req, res) => {
router.delete("/:id", authenticateToken, async (req, res, next) => {
try {
const item = await Item.findByPk(req.params.id);
@@ -360,12 +360,12 @@ router.delete("/:id", authenticateToken, async (req, res) => {
itemId: req.params.id,
ownerId: req.user.id
});
res.status(500).json({ error: error.message });
next(error);
}
});
// Admin endpoints
router.delete("/admin/:id", authenticateToken, requireAdmin, async (req, res) => {
router.delete("/admin/:id", authenticateToken, requireAdmin, async (req, res, next) => {
try {
const { reason } = req.body;
@@ -463,11 +463,11 @@ router.delete("/admin/:id", authenticateToken, requireAdmin, async (req, res) =>
itemId: req.params.id,
adminId: req.user.id
});
res.status(500).json({ error: error.message });
next(error);
}
});
router.patch("/admin/:id/restore", authenticateToken, requireAdmin, async (req, res) => {
router.patch("/admin/:id/restore", authenticateToken, requireAdmin, async (req, res, next) => {
try {
const item = await Item.findByPk(req.params.id);
@@ -513,7 +513,7 @@ router.patch("/admin/:id/restore", authenticateToken, requireAdmin, async (req,
itemId: req.params.id,
adminId: req.user.id
});
res.status(500).json({ error: error.message });
next(error);
}
});
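Review bot: Replacing `res.status(500).json({ error: error.message })` with `next(error)` in every catch block of this file (first at `@@ -84,11`, then in each later hunk) only sanitizes the response if a four-argument error middleware is registered after this router, and none is visible in this file section. Without one, Express's built-in handler takes over and includes the stack trace in the response whenever NODE_ENV is not `production`, which exposes more than the message this commit removes. It is worth confirming that the central handler answers unexpected errors with a fixed body such as `res.status(500).json({ error: "Internal server error" })` and does not echo `err.message`. A short comment at the first catch, for example `// response body is produced by the central error handler; never send error.message to the client`, would also make the intent clear to later maintainers. The handler bodies start and end outside the hunks, so this applies only to the catch blocks shown.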